...

View Full Version : IP Ban



newline
06-07-2007, 04:36 AM
Hey,

Is there some way I can make an ip banning script off a flat text file? So I can use fwrite to add an I.P and remove one. Is this possible.

Fou-Lu
06-07-2007, 05:11 AM
It sure is.
Nothing is really 100% reliable though, and I don't believe php is capable of attaching to a MAC...

Correction, I guess you can theoretically get a MAC using php if you can use the exec command...

Coastal Web
06-07-2007, 06:28 AM
I'm not sure if there have been some posts deleted from this thread, but the first reply seems like it's missing something... ;S

In any event; yes this can easily be done. However l highly suggest that IP bans are done at the .htaccess level (much less strain on the server) ... but here is a code that will allow you to ban users based on the first three octets of the IP address (much more effective than targeting the entire IP address; as the last set of octets change frequently.

fist off you want to make a file named "banned_ips.txt" and palce the IP addresses that you want banned in it... I also believe this file will need read permissions (CHMOD 755 - can a php guru please verify this?).

then try this script out (in the same directory ; or add the full path of the script below:



<?php
define('FILE_IPS', 'banned_ips.txt', true); // edit 'banned_ips.txt' with the name/path of your banned ip text file...

$ip = $_SERVER["REMOTE_ADDR"]; //snag users ip addres


//here we'll grab the list of banned ip addresses...
$file = implode(" ", file(FILE_IPS));

// here we'll snag the first three octets of the users IP address
$exp = explode(".", $ip);
$class = $exp[0].'.'.$exp[1].'.'.$exp[2].'.';

if(stristr($file, $class)) { //user is banned do something...

//you could just "kill" the execution of the page...
die('you are banned'); //kill the execution of the page, user is banned!

//or maybe redirect them to a special "banned page"...
//header("location: http://www.disney.com");


//or matybe output a fake "page not found" error... ;)
/*
define('THIS_DOMAIN', $_SERVER[SERVER_NAME], true);
header("HTTP/1.0 404 Not Found");
die('<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head><title>404 Not Found</title></head><body>
<h1>Not Found</h1>
<p>The requested URL '.$page.' was not found on this server.</p>
<hr>
<address>Apache/2.2.3 (Unix) Server at '.THIS_DOMAIN.' Port 80</address>
</body></html>');
*/
}

?>


I hope this helps

Fou-Lu
06-07-2007, 06:53 AM
Lol, nothing missing I simply answered the question ;)
I just threw in that IP banning isn't the most reliable way to ban though.

Coastal Web
06-07-2007, 07:12 AM
Lol, nothing missing I simply answered the question ;)
I just threw in that IP banning isn't the most reliable way to ban though.

Ahhh got ya. I must say the idea of grabbing a MAC address sounds like something that might be fun toying around with. (l guess l should consult with my good friend google first) but what kind'a information can you share?

edit: Seems like most of the results l find in google are speculation....

Fou-Lu
06-07-2007, 08:07 AM
I'm not 100% certain of this either as I've never tried it out, however...
Based on my networking experience, you should be able to grab a physical address through a proxy by shell_exec() with an nbtstat. After that, some line splitting and exploding, you should be able to obtain a mac address. Granted that this can also be spoofed, but most people won't know how to alter it. Another down side is its use of shell_exec(), unless you run a dedicated I doubt your server supports it. I don't have a dedicated to play with, but if you do I would love to hear your results!

firepages
06-07-2007, 08:28 AM
much more effective than targeting the entire IP address; as the last set of octets change frequently

and effectively banning 254 users (good or bad users) at once .. 100 banned ip address's = nearly 25,000 potential users banned from the site.

newline
06-07-2007, 11:29 PM
samantha, then could I use fwrite() to add ips to the text file?

Coastal Web
06-08-2007, 12:36 AM
and effectively banning 254 users (good or bad users) at once .. 100 banned ip address's = nearly 25,000 potential users banned from the site.

Hahah, guess you're right l didn't think about it that way when l tossed the example together // l was working off of a "cloaking" script; and the sript targets SE bots; not regular users.

But alas the whole idea is "off" and should be done via .htaccess in the first place, am l right?

Best regards,

Coastal Web
06-08-2007, 12:52 AM
samantha, then could I use fwrite() to add ips to the text file?

Sure could... something like this would do the trick:


<?php

define('FILE_IPS', 'banned_ips.txt', true); // edit 'banned_ips.txt' with the name/path of your banned ip text file...

$ip = $_POST[user_ip];

//make sure IP is posted, and that i's numeric....
if(!empty($ip) && is_numeric(str_replace(".", "", $ip))){

//open up your text file and write to the end of it...
$fh = fopen(FILE_IPS, 'a') or die("<b>Error:</b> There was a problem banning " . $ip . ". Please trya gain.");
$stringData = "$ip\n";
fwrite($fh, $stringData);
fclose($fh);

//output success...
echo $ip . " Was successfully banned.<br /><a href='" . $PHP_SELF . "'>go back</a>";

}else{
//form not submitted.. show ip banning form...

echo <<<EoC
<form method="post" action="banMod.php">
IP: <input type="text" name="user_ip" value="" />
<br />
<input type="submit" value="Ban IP" />

</form>
EoC;
}
?>

Coastal Web
06-08-2007, 12:55 AM
PS, if you don't want to bann an entire range of 255 IP addresses everytime you add an ip to your "ban file", you might want to do this change to the original code:
[per firepages' observations...]


find:

$exp = explode(".", $ip);
$class = $exp[0].'.'.$exp[1].'.'.$exp[2].'.';

if(stristr($file, $class)) { //user is banned do something...

replace with:


if(stristr($file, $ip)) { //user is banned do something...




@Fou-Lu

I am running a dedicated server, but l wouldn't know the first thing about any of this; the only time l've ever used shell_exec() was to created a php function to inject a gzipped sql file into a database... do you have a concept script you could come up with and we'll test it out.


Best regards,

newline
06-08-2007, 03:58 AM
I will soon

inVINCEable
06-10-2007, 05:07 AM
try this, nice and simply IMO,



<?

$blockip = array("192.169.1.1");

$x = count($blockip);

for ($y = 0; $y < $x; $y++) {

if ($REMOTE_ADDR == $blockip[$y]) {

echo ("Site Down");

Exit;}

}

?>

newline
06-10-2007, 05:58 AM
well i want to be able to add ip's by form.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum